On 30/08/2021 14:03, Jan Beulich wrote:
> @@ -933,7 +934,17 @@ int __init dom0_construct_pv(struct doma
> #ifdef CONFIG_SHADOW_PAGING
> if ( opt_dom0_shadow )
> {
> + bool preempted;
> +
> printk("Switching dom0 to using shadow paging\n");
> +
> + do {
> + preempted = false;
> + shadow_set_allocation(d, dom0_paging_pages(d, nr_pages),
> + &preempted);
> + process_pending_softirqs();
> + } while ( preempted );
This isn't correct. The shadow pool is needed even without
opt_dom0_shadow, because some downstreams have elected not to retain
upstream's security vulnerability in default setting of opt_pv_l1tf_hwdom.
Also, dom0_paging_pages() isn't a trivial calculation, so should be
called once and cached.
~Andrew
